Information and Corporate Risk Lead

Job Description

Job Title: Information and Corporate Risk Lead, working for a National charitable organisation. Reporting to: Business Support Manager Job Purpose: You will lead on the charitys Information Governance and Risk Management Framework. The Information and Risk Lead will act as the charitys Data Protection Officer and subject matter expert, informing and advising all employees of their obligations to complywith the UK GDPR and other data protection laws.Duties to include:Information Governance* To fulfil the role of Data Protection Officer in line with the Information Commissioners Office (ICO) guidance, and act as a point of contact for the ICO.* To develop and deliver the companys Information Governance Framework.* To review the management and reporting of recorded Information Governance incidents, leading on recommendations/actions (as and when required) and producing investigation reports.* To receive and respond to data subject access requests from external parties relating to data processed by the company, ensuring compliance with statutory requirements.* To produce and advise on the development of Data Protection Impact Assessments and Information Sharing Agreements.* Propose and present recommendations on working practices that will enable the company to maintain compliance with legislation and national standards set by the Information Commissioners Office, NHS Digital, Care Quality Commission, National Cyber SecurityCentre and others, leading to continuous improvement.* To lead in identifying risk areas and gaps in compliance with Information Governance standards and identifying and implementing controls.* To contribute to developing new/revised Information Governance related controlled documents (policies, procedures, standard operating procedures).* To write reports to the Information Governance Board, Audit and Risk Committee and any other working group responsible for Information Governance.* To lead on all external Information Governance standards, including the Data Security and Protection Toolkit and Cyber Essentials.* To chair the Information Governance Committee.* To conduct internal and external Information Governance audits, ensuring that any recommended action plans are implemented promptly, monitored and reviewed.* Establishing working groups, to co-ordinate the activities of staff given Information Governance responsibilities and progress initiatives.* To manage a central register of information governance records including but not limited to information asset register, contracts assurance register, and information sharing agreements.Corporate Risk * Leading the collaboration and development of the Corporate Risk Register, together with the Director of Strategy and Performance/Director of Finance and Technology, through regular dialogue with corporate risk owners.* Work collaboratively to ensure that the companys risk management framework is delivered.* Manage the maintenance of the operational risk registers through regular dialogue with the risk register owners.* Identify high-priority risks, supporting risk owners to manage mitigation and reduce overall risk to companies.* Ensure that risk assessments and controls are developed per the companys risk appetite.* Develop and produce a risk management reporting pack for the Audit and Risk Committee.* Develop and maintain an up-to-date risk management recording and reporting system.* Propose and present improvement solutions and initiatives to MHM risk management arrangements.They offer an excellent hybrid working and supportive team environment with great benefits—a salary of £35,000 - £39,500.